Solved

AIX Encryption using EFS

Posted on 2013-06-20
1
1,389 Views
Last Modified: 2013-06-26
I was testing EFS on AIX 7.1. it was working when I decided to start over.
I deleted the filesystem and recreated the filesystem with the same name.
Now I get the following when entering root's EFS password:
efskeymgr -o ksh
root's EFS password:
Encryption framework returned an error: libefs bad parameter

I can change the password but still get the same error message.

Does anyone know how to fix this?

Also, once EFS is enabled with efsenable -a can it be disabled?

oslevel -s
7100-02-02-1316

lslpp -L | grep openssh
  openssh.base.client     6.0.0.6102    C     F    Open Secure Shell Commands
  openssh.base.server     6.0.0.6102    C     F    Open Secure Shell Server
  openssh.license         6.0.0.6102    C     F    Open Secure Shell License
  openssh.man.en_US       6.0.0.6102    C     F    Open Secure Shell
  openssh.msg.en_US       6.0.0.6102    C     F    Open Secure Shell Messages -

TIA,
Dan Kaib
0
Comment
Question by:scodhk
1 Comment
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 39265238
Is your private key still valid?

efskeymgr -v

Maybe it could help regenerating the key

efskeymgr -R <algo>

e.g.

efskeymgr -R RSA_1024

And no, you can't revert the actions taken by efsenable (create admin/user/group keystores, create /var/efs, update /etc/security/user and /etc/security/group, update Config_Rules).

wmp
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Read-only access for auditors 5 79
UAC Controls - confused 9 90
Using cipher to decrypt files. 4 79
Should One Always Sign Out Of Admin User A/C 5 74
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question